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WHAT IS CLAIMED IS: 

1. A system to control access from a client to a 
server , compris ing : 

a ticket granting server including a personal 
information database for obtaining , in response to a 
request from a client, personal information from the 
personal information database, for authenticating the 
personal information, and for resultantly sending a 
ticket to the client; and 

an access control server including a server 
policy defining an access allowance condition for 
requiring of the access requesting client a ticket 
matching the server policy and for allowing the client 
an access when the required ticket is sent from the 
client. 

2. An access control system according to claim 
1, wherein the access allowance condition includes 
necessary information, necessity/non-necessity of 
authorization of the information, and necessity/non- 
necessity of disclosure of the information. 

3. An access control system according to claim 
1, wherein the ticket includes at least one personal 
information item, attribute information of the personal 
information item, information of a ticket granter, and 
a digital signature of the ticket granter. 

4. An access control method for use in a system 
including a client, a www server, and a ticket granting 
server, comprising the steps of: 



sending by the www server having a server 
policy defining an access allowance condition a server 
policy to a client having requested an access; 

obtaining by the ticket granting server, in 
response to a request and the server policy sent from a 
client, personal information from a personal informa- 
tion database, authenticating the personal information, 
and resultantly sending a ticket to the client; 

sending by the client an access request with 
the ticket to the www server; and 

allowing by the www server the client the 
access when the ticket matches the server policy. 

5. a method of controlling an access from a 
client, comprising the steps of: 

setting a server policy defining an access 
allowance condition; 

requiring of the access requesting client an 
authenticated ticket matching the server policy; and 

allowing the client an access when the 
required ticket is sent from the client. 

6. An access control method according to claim 
5, wherein the access allowance condition includes 
necessary information, necessity/non-necessity of 
authorization of the information, and necessity /non- 
necessity of disclosure of the information. 

7. a personal information authentication method, 
comprising the steps of: 

preparing a personal information database 
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including personal information; 

identifying, in response to a request from a 
client, a person and authenticating the person; 

obtaining requested information from the 
personal information database corresponding to the 
identified and authenticated person and describing the 
requested information on a certificate; 

putting a digital signature on the certifi- 
cate; and 

sending the certificate to the client. 

8. An authentication method according to claim 

7, wherein the request from the client includes 
necessary information, necessity/non-necessity of 
authorization of the information, and necessity/non- 
necessity of disclosure of the information. 

9. An authentication method according to claim 

8, further comprising the step of confirming, when it 
is not necessary to disclose the information requested 
by the client, information in the personal information 
database and describing none of contents of the infor- 
mation on the certificate. 

10. A server access method, comprising the steps 
of: 

receiving from an access target server a 
server policy defining an access allowance condition; 

sending to a ticket granting server a ticket 
granting request together with the server policy; 

receiving from the ticket granting server a 
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ticket including information which matches the server 
policy and which is authorized; and 

sending an access request to the access 
target server together with the ticket. 

11. An access control method for use in a system 
including a client , a www server, and a ticket granting 
server, comprising the steps of: 

by the ticket granting server, receiving a 
ticket granting request from the client and creating in 
response thereto a session key, obtaining personal 
inf ormation from a personal information database, and 
sending to the client the session key and an encrypted 
ticket including the session key and the personal 
information; 

by the client, creating an authenticator by 
encrypting an access request time using the session key 
received from the ticket granting server and sending to 
the www server an access request together with the 
encrypted ticket and the authenticator; and 

by the www server, decrypting the encrypted 
ticket to obtain a session key, decrypting the 
authenticator using the session key to obtain a time, 
verifying the time, determining whether or not the 
ticket satisfies an access allowance condition, and 
determining allowance or denial of the access. 

12. A www server, comprising: 

means for setting a server policy defining an 
access allowance condition; 
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means for sending the server policy to a 
client requesting an access; and 

means for allowing a client an access when a 
ticket matching the server policy is sent from the 
client. 

13. A ticket granting server, comprising: 

a personal information database including 
personal information; 

means for identifying, in response to a 
request from a client, a person and authenticating the 
person; 

means for obtaining requested information 
from information corresponding to the identified and 
authenticated person in the personal information 
database, putting a digital signature, and thereby 
creating a ticket; and 

means for sending the ticket to the client. 

14. A client, comprising: 

means for receiving a server policy defining 
an access allowance condition from an access target 
server; 

means for sending a ticket granting request 
to a ticket granting server together with the server 
policy; 

means for receiving from the ticket granting 
server a ticket including information which matches the 
server policy and which is authorized; and 

means for sending an access request to the 



- 41 - 

access target server together with the ticket. 

15. A program for controlling an access from a 
client, said program including instructions for execut- 
ing the steps of: 

sending, to a client requesting an access, a 
server policy to which an access allowance condition is 
beforehand set; and 

allowing the client the access when a ticket 
matching the server policy is sent from the client. 

16. A personal information authentication program 
including instructions for executing the steps of: 

identifying, in response to a request from a 
client, a person and authenticating the person? 

obtaining requested information from 
information corresponding to the identified and 
authenticated person in a personal information database 
and describing the requested information on a certifi- 
cate; 

putting a digital signature on the certifi- 
cate; and 

sending the certificate to the client. 

17. A server access program including instruc- 
tions for executing the steps of: 

receiving from an access target server a 
server policy defining an access allowance condition; 

sending to a ticket granting server a ticket 
granting request together with the server policy; 

receiving from the ticket granting server a 
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ticket including information which matches the server 
policy and which is authenticated; and 

sending an access request to the access 
target server together with the ticket. 



